External persistence of session state information

ABSTRACT

A method performed by a computing system is described. The method involves receiving a deployment descriptor that specifies a persistence scope that is external to the computing system. The method also involves, as a consequence of the receiving, instantiating a plug-in for a database that is external to the computing system. The method also involves, over the course of a session, managing the persistence of the session&#39;s session state information in said database by, with program code provided by the plug-in, translating a first command that is not specific to the database into a second command that is specific to the database. The session state information comprises a plurality of attributes. The first command is to cause a process to be performed. The process is selected from the group consisting of: storing in the database one of the attributes; and, retrieving from the database one of the attributes.

FIELD OF INVENTION

The field of the invention relates to the software arts; and, morespecifically, the External Persistence Of Session State Information.

BACKGROUND

Sessions and Information

A “session” can be viewed as the back and forth communication over anetwork between a pair of computing systems. Referring to FIG. 1, in thecase of a client/server architecture, basic back and forth communicationinvolves a client 101 sending a server 100 a “request” that the server100 interprets into some action to be performed by the server 100. Theserver 100 then performs the action and if appropriate returns a“response” to the client 101 (e.g., a result of the action). Often, asession will involve multiple, perhaps many, requests and responses. Asingle session through one or more of its requests may invoke the use ofdifferent application software programs.

An aspect of session management is the use of session state informationover the course of a session's end-to-end lifetime. Session stateinformation is a record of the status and/or use of a session. Forexample, as part of a server's response process, the server may save inthe session state information a time in the future at which the sessionis to be deemed “expired” if a next request is not received by theserver for that session beforehand. Session state information may alsoinclude information used to “pick-up” a session from where it last“left-off” (such as the latest understood state of a client's webbrowser), and/or, data or other information sent to the user over thecourse of the session (such as one or more graphics or animation fileswhose content is presented to the client as part of the client's sessionexperience)

Persistence

In the software arts, “persistence” is a term related to the saving ofinformation. Generally, persisted information is saved in such a fashionsuch that, even if the entity that most recently used and saved theinformation suffers a crash, the information is not lost and can beretrieved at a later time despite the occurrence of the crash. Forexample, if a first virtual machine suffers a crash after using andsaving information to persistent storage, a second virtual machine may,subsequent to the crash, gain access to and use the persistently savedinformation.

FIG. 2 provides a simple example of the concept of “persistence” asviewed from the perspective of a single computing system 200. Note thatthe computing system 200 of FIG. 2 includes DRAM based system memory 210and a file system 220 (noting that a file system is typicallyimplemented with one or more internal hard disk drives, external RAIDsystem and/or internal or external tape drives). Traditionally, thesystem memory 210 is deemed “volatile” while the file system 220 isdeemed “non-volatile”. A volatile storage medium is a storage mediumthat loses its stored data if it ceases to receive electrical power. Anon volatile storage medium is a storage medium that is able to retainits stored data even if it ceases to receive electrical power.

Because a file system 220 is generally deemed non-volatile while asystem memory 210 is deemed volatile, from the perspective of the datathat is used by computing system and for those “crashes” of thecomputing system effected by a power outage, the file system 220 may beregarded as an acceptable form of persistent storage while the systemmemory 210 is not. Here, if the computing system saves a first item ofdata to the system memory 210 and a second item of data to the filesystem 220 and then subsequently crashes from a power outage, the seconditem of data can be recovered after the crash while the first item ofdata cannot. File systems can be internal or external (the later oftenbeing referred to as “file sharing” because more than one computingsystem may access an external file system).

Another form of acceptable persistence storage relative to computingsystem 200 is an external database 230. A database 230 is most oftenimplemented with a computing system having “database software”. Databasesoftware is a form of application software that not only permits data tobe stored and retrieved but also assists in the organization of thestored data (typically in a tabular form from the perspective of a userof the database software). Traditionally, database software have beendesigned to respond to commands written in a structure query language(SQL) or SQL-like format. Here, referring back to FIG. 2, if thecomputing system stores an item of data in the external database andthen subsequently crashes, the item of data can still be accessed fromthe external database.

External databases are particularly useful where information is to bemade accessible to more than one computing system. For example, if theexternal database 230 is designed to hold the HTML file for a popularweb page, and if the depicted computing system 200 is just one of manyother computing systems (not shown in FIG. 2) that are configured toengage in communicative sessions with various clients, each of thesecomputing systems can easily engage is sessions utilizing the popularweb page simply by being communicatively coupled to the database.External file systems also exist.

Persistence of Session State Information

FIG. 3 shows that session management 301 and persistence 302 functionsmay overlap. Notably, the persistence of a session's session stateinformation permits the possibility of a session to be successfullycontinued even if an entity that was handling the session crashes. Forexample, if a first virtual machine assigned to handle a session crashesafter the virtual machine both responds to the session's most recentclient request and persists the corresponding state information, uponthe reception of the next client request for the session, a secondvirtual machine may seamlessly handle the new request (from theperspective of the client) by accessing the persisted session stateinformation. That is, the second virtual machine is able to continue thesession “mid-stream” because the session's state information waspersisted.

FIGURES

The present invention is illustrated by way of example, and notlimitation, in the figures of the accompanying drawings in which likereferences indicate similar elements and in which:

FIG. 1 (prior art) shows a network between a client and a server;

FIG. 2 (prior art) shows a computing system having internal memory andinternal file system coupled to an external database;

FIG. 3 shows that session management and persistence functions mayoverlap;

FIG. 4 shows a hierarchical organization of session domains;

FIG. 5 shows file system persistent storage interface and an externaldatabase persistent storage plug-in;

FIG. 6 shows an embodiment of the organization of a file system accessedthrough a file system persistent storage interface;

FIG. 7 shows an embodiment of the organization of a database accessedthrough a database persistent storage interface;

FIG. 8 (prior art) shows a prior art computing system;

FIG. 9 shows an improved computing system that employs a shared memorythat stores shared closures;

FIG. 10 shows a shared session context within a shared memory;

FIG. 11 a shows an embodiment of a session state shared closure;

FIG. 11 b shows an embodiment of a session management criteria sharedclosure;

FIG. 12 shows a process for accessing session state attributes fromshared memory;

FIG. 13 shows a process for adding a session to a session managementtable stored in shared memory;

FIG. 14 shows a process for deleting a session from a session managementtable stored in shared memory;

FIG. 15 shows a process for deleting expired sessions from a sessionmanagement table stored in shared memory;

FIG. 16 shows a deployment descriptor for specifying a particularsession management persistence strategy;

FIG. 17 (prior art) shows a cluster of computing systems;

FIG. 18 shows a process for deploying applications according to aparticular session management persistence strategy;

FIG. 19 shows an embodiment of a computing system's hardware design.

SUMMARY

A method performed by a computing system is described. The methodinvolves receiving a deployment descriptor that specifies a persistencescope that is external to the computing system. The method alsoinvolves, as a consequence of the receiving, instantiating a plug-in fora database that is external to the computing system. The method alsoinvolves, over the course of a session, managing the persistence of thesession's session state information in said database by, with programcode provided by the plug-in, translating a first command that is notspecific to the database into a second command that is specific to thedatabase. The session state information comprises a plurality ofattributes. The first command is to cause a process to be performed. Theprocess is selected from the group consisting of: storing in thedatabase one of the attributes; and, retrieving from the database one ofthe attributes.

DETAILED DESCRIPTION 1.0 In-Memory Session Domains

According to an object oriented implementation, state information for aparticular session may be stored in a “session” object. In the contextof a request/response cycle (e.g., an HTTP request/response cycleperformed by a server in a client/server session), the receipt of a newrequest for a particular session causes the session's session object tobe: 1) retrieved from some form of storage; 2) updated to reflect theprocessing of the response to the request; and, 3) re-stored so that itcan be retrieved for the processing of the next request for the session.Here, a session object may be created by the server for each sessionthat the server recognizes itself as being actively engaged in. Thus,for example, upon the receipt of a first request for a new session, theserver will create a new session object for that session and, over thecourse of the session's lifetime, the server can retrieve, update andre-store the session object (e.g., for reach request/response cycle ifnecessary).

The server may be a Java 2 Enterprise Edition (“J2EE”) server node whichsupport Enterprise Java Bean (“EJB”) components and EJB containers (atthe business layer) and Servlets and Java Server Pages (“JSP”) (at thepresentation layer). Of course, other embodiments may be implemented inthe context of various different software platforms including, by way ofexample, Microsoft .NET, Microsoft Transaction Server (MTS), theAdvanced Business Application Programming (“ABAP”) platforms developedby SAP AG and comparable platforms. For simplicity, because a server isa specific type of computing system, the term “computing system” will belargely used throughout the present discussion. It is expected howeverthat many practical applications of the teachings provided herein areespecially applicable to servers.

At any given time, a computing system may be engaged in a large numberof active sessions. As such, in the simple case where a session objectexists for each session that the computing system is actively engagedin, the computing system will have to manage and oversee the storage ofa large number of session objects. FIG. 4 shows a session managementlayer 410 that is designed to store session state data according to ahierarchical scheme 402. According to a basic approach, session objectsthat are to be treated according to a same set of session managementcriteria are stored within a same region of the hierarchy.

Thus, for example, as depicted in FIG. 4, each of the S sessionsassociated with session objects 407 ₁ through 407 _(S) will be treatedaccording to a first set of session management criteria because theircorresponding sessions objects 407 ₁ through 407 _(S) are stored insession domain 1 404 ₁; and, each of the T sessions associated withsession objects 408 ₁ through 408 _(T) will be treated according to asecond set of session management criteria because their correspondingsessions objects 407 ₁ through 408 _(T) are stored in a session domain 2404 _(Y). In an implementation, each session domain is accessed throughreference to a specific region of memory (e.g., through a hashtable thatmaps keys to values).

Here, again according to a basic approach, the treatment applied to theS sessions will be different than the treatment applied to the Tsessions because their respective session objects are stored indifferent storage domains 404 ₁, 404 _(Y) (because different sessiondomains correspond to unique combinations of session managementcriteria). Session management criteria generally includes one or moreparameters that define (or at least help to define) how a session is tobe managed such as: 1) the session's maximum inactive time interval(e.g., the maximum amount of time that may elapse between the arrival ofa request and the arrival of a next request for a particular sessionwithout that session being declared “expired” for lack of activity); 2)the maximum number of outstanding requests that may be entertained bythe computing system for the session at any one time; 3) the session'saccess policy (which indicates whether the session can be accessed bymultiple threads (i.e., is multi-threaded) or can only be accessed by asingle thread); 4) the session's invalidation policy (e.g., whether ornot the session object for an inactivated session is persisted or not);and, 5) the type of persistent storage to be used.

According to one approach, one or more session management criteria itemsfor a particular session domain (such as any combination of thosedescribed just above) is stored within the session domain separatelyfrom the one or more session objects that are stored within the samesession domain. Such an approach may improve efficiency because, at anextreme, the session objects need not carry any session managementcriteria information and may instead carry only pure session stateinformation (e.g., the expiration time of the session, the most recentunderstood state of the client's web browser, etc.).

In the case of an application server computing system, clients engage insessions with the computing system so that they can use applicationsoftware located on the computing system. The application software(including any “pages” such as those from which the execution of aspecific software routine may be triggered) may be run on the computingsystem and/or downloaded to and run on the client. In an approach thatmay be alternate to or combined with the basic embodiment described justabove in which session domains are reserved for unique combinations ofsession management criteria, session domains may be established on a“per application” basis. That is, a first session domain may beestablished in the hierarchy for a first application, and, a secondsession domain may be established in the hierarchy for a secondapplication. In an alternate or combined implementation, entirehierarchy trees (each having its own root node 403) are instantiated ona “per application” basis.

Depending on implementation preference, different applications havingidentical session management treatment policies may have their sessionobjects stored in the same session domain or in different sessiondomains. Moreover, again according to implementation preference, asingle session domain may be created for the session objects of sessionsthat deserve “related” rather than “identical” session managementtreatment (e.g., for a particular session domain, some but not allsession management criteria characteristics are identical; and/or, arange of possible criteria values is established for a particularsession domain such as sessions having a maximum inactive time intervalwithin a particular time range).

The storage hierarchy may also include the notion of parent and childrennodes. In one configuration, a child node has the same lifecycle as itsparent node. Thus, if the parent domain is destroyed all of its childrennodes are destroyed. The domain hierarchy provides different space forthe sessions (session domains) grouping it in logical structure similarto the grouping files to the folders. According to an implementation,the root 403 is used to provide high-level management of the entirehierarchy tree rather than to store session information. For example, ifan application consists of many Enterprise Java Bean (EJB) subapplications you should be able to manage the sessions of different EJBcomponents separately. As such, isolation between different EJBsub-applications is achieved by instantiating different session domainsfor different EJB components, while at the same time, there should existthe ability to manage the entire application as a whole.

For example, to remove all sessions of an application after removal ofthe whole application. Grouping the sessions in tree structure (wherethe root presents the application and the various children present thedifferent ejb's) you can easily destroy all the sessions after removingthe application simply by destroying the root.

The nomenclature of session domains 404 ₁ through 404 _(Y) is meant toconvey that a wide range of different session domains (at least Y ofthem) may be established for a particular “context”. Different hierarchy“contexts” 402 ₁, 402 ₂, . . . 402 _(X) are depicted in FIG. 4. Theprocessing of a complete request/response often involves the processingof different active segments of code within the computing system. Forexample, a first segment of code may setup and teardown the specific“ports” through which a session's data flows in and out of the computingsystem, a second segment of code may handle the protocol between theclient and computing system (e.g., an HTTP or HTTPS protocol), a thirdsegment of code may be the actual application software that is invokedby the client (e.g., specific objects or components in an objectoriented architecture (such as Enterprise Java Beans (EJBs) in a Javaenvironment)).

Each of these different segments of code may depend on their own sessionstate information in order to support the session over the course of itslifetime. As such, in an embodiment, different contexts are established,each containing its own hierarchy of session domains, for the differentsegments of code. For example, continuing with the example provided justabove, context 402 ₁ may be used to store client/server protocol sessionstate information, context 402 ₂ may be used to store computing systemport session state information, and context 402 _(X) may be used tostore EJB session state information. For simplicity the remainder of thepresent application will focus largely on client/server communicationprotocol session state information (e.g., HTTP session stateinformation) that is kept in object(s) within an object orientedenvironment.

Referring to FIG. 4, a session management layer 410 is observedinterfacing with the session domain storage hierarchy 402 to supportsessions between one or more clients and software applications 411 ₁through 411 _(K). According to one implementation, the sessionmanagement layer 410 accesses 406 ₁ . . . , 406 _(Y) the informationstored in their respective session domains on behalf of the applications411 ₁ through 411 _(K). Alternatively or in combination, theapplications 411 ₁ through 411 _(K) may access session domaininformation directly.

Typically, the session contexts 402 ₁ through 402 _(X) and theirassociated session domains are essentially “cached” in the computingsystem's volatile semiconductor random access memory (e.g., within thecomputing system's system memory and/or the computing system'sprocessors' caches) so that rapid accesses 406 ₁ through 406 _(Y) to thesession state and/or session management criteria information can bemade. As alluded to in the background, the cached (“in-memory”) sessionstate information may be persisted to a file system or database toprevent service disruption in case there is some operational failurethat causes the cached session state information to no longer beaccessible. Moreover, consistent with classical caching schemes, sessionstate information that has not been recently used may be “evicted” topersistent storage to make room in the computing system memory forother, more frequently used objects. Thus, access to persistent storagefor session information not only provides a “failover” mechanism forrecovering from some type of operational crash, but also, provides adeeper storage reserve for relatively infrequently used sessioninformation so as to permit the computing system as a whole to operatemore efficiently.

2.0 File System and Database Persistent Storage Interfaces

The session management layer 410 is responsible for managing thepersistence of session objects consistently with the session managementcriteria that is defined for their respective session domains. Becauseof the different types of file systems that may exist, the syntax and/orcommand structure used to store and/or retrieve information to/from aparticular file system may differ from that of another file system.Moreover, the types of activities that are performed on a file systemwith persisted information (most notably the storing and retrieving ofpersisted information) tend to be the same regardless of the actual typeof file system that is implemented. That is, the high level operationsperformed on a file system with persisted information generally areindependent of any particular file system.

In order to enable the straightforward configuration of a particularsession domain whose content is to be persisted into a specific type offile system, some kind of easily configurable translation layer isneeded whose functional role, after its instantiation and integrationinto the deployed software platform as a whole, is to interface betweena set of high level persistence related commands and a specific type offile system. By so doing, source code level developers can develop thesession management layer 410 and/or applications 411 ₁ through 411 _(K)that invoke persisted information be referring only to a high levelcommand set.

Upon actual deployment of the executable versions of the source code,which approximately corresponds to the time at which the actual filesystem to be used for persistence is actually identifiable, thetranslation layer is instantiated to translate between these high levelcommands and the specific syntax and/or command set of the particulartype of file system that is to be used to persist the data. According toone implementation, a unique block of translation layer code isinstantiated for each session domain (i.e., each session domain isconfigured to have “its own” translation layer code). According toanother implementation, a unique block of translation layer code isinstantiated for each file system (i.e., each file system is configuredto have “its own” translation layer code).

During actual runtime, in order to store/retrieve persisted information,the session management layer 410 and/or certain applications essentially“call on” a translation layer (through the high level command set) anduse it as an interface to the translation layer's corresponding filesystem. For clarity, a translation layer as described just above will bereferred to by the term “session persistence storage interface” orsimply “persistence storage interface” or “persistence interface”.

FIG. 5 shows persistence storage interface models for a file system andfor an external database. Specifically, persistence storage interface510 ₁ is depicted as being an interface to a file system 513; and,persistence storage interface 510 _(Y) is depicted as being an interfaceto external database 514. Persistence storage interface 510 ₁ isdepicted as being the persistence interface between cached sessiondomain 504 ₁ and file system 513. Persistence storage interface 510 _(Y)is depicted as being the persistence interface between cached sessiondomain 504 _(Y) and external database 514. Here, note the similarity innomenclature between FIGS. 4 and 5 with regard to session domains 404_(1,Y) and 504 _(1,Y) suggesting that session domain 404 ₁ of FIG. 4could be configured to use file system 510 ₁ as its persistent storagemedium, and, that session domain 404 _(Y) of FIG. 4 could be configuredto use database 514 as its persistence storage medium.

Activities 506 ₁ and 506 _(Y) are meant to depict any activitiesstemming from the session management layer and/or any applications thatare imparted upon session objects 507 ₁ through 507 _(S) and 508 ₁through 508 _(T), respectively, and/or upon their respective sessiondomains 504 ₁, 504 _(Y) as a whole. As described above, these activities506 ₁, 506 _(Y) may involve method calls to the respective persistencestorage interfaces 510 ₁, 510 _(Y). Here, activities 509 ₁ and 509 _(Y)are meant to depict the transfer of session state information betweenthe cached session domain 504 ₁, 504 _(Y) and the correspondingpersistence storage medium 513, 514.

Notably, the depicted persistence interface models 510 ₁, 510 _(Y) use a“plug-in” architecture. A “plug-in” is a pre-existing segment of codethat is not integrated into a larger software system, ultimately as aworking component of the larger software system, unless an affirmativecommand to integrate the plug-in into the larger system is made.According to an implementation, a separate plug-in exists for differenttypes of persistence storage implementations that may exist. Forexample, currently, there are different types of file systems anddatabases available on the open market that a “user” of the software maychoose to use for persistence purposes.

In the case of databases, different database software vendors presentlyexist such as Oracle, IBM and Microsoft. Each of these different vendorstend to have an SQL based command language (e.g., insert). Often times,different command statements are needed to perform identical operationsacross different database software implementations. Therefore, accordingto the approach of FIG. 5, a separate database plug-in 512 is writtenfor the various types of “supported” persistence database solutions thatan ultimate end user of the computing system's application software maychoose to implement. For example, a first plug-in may exist for databasesoftware offered by Oracle (e.g., Oracle Database based products), asecond plug-in may exist for database software offered by IBM (e.g., IBMDB2), and, a third plug-in may exist for database software offered byMicrosoft (e.g., Microsoft SQL Server based products).

According to an approach, upon deployment of software to a particularcomputing system and surrounding infrastructure (i.e., when a particulartype of database software being used for persistence is actually known),the plug-in 512 for a particular type of database software is integratedinto the computing system's software. According to a further embodiment,a separate database software plug-in is “plugged in” (i.e., integratedinto the computing system's software) for each session domain havingpersistence to a database. Here, if different session domains areconfigured to persistent to a same database, some queuing space may needto be implemented between the session domains' plug-ins and the databasein order to handle quasi-simultaneous persistence operations made to thedatabase from different session domains.

According to an alternate embodiment, a separate database plug-in is“plugged in” for each different database that is used for persistence(i.e., the persistence functions for different session domains that usethe same database flow through the same plug-in). According to thisimplementation, some queuing space may need to be implemented betweenthe plug-in for a particular database and the different session domainsthat persist to that database in order to handle quasi-simultaneouspersistence operations made to the database.

According to another alternate embodiment, a separate database plug-inis “plugged in” for each different type of database that is used forpersistence (i.e., the persistence functions for different sessiondomains that use the same database command language (but perhapsdifferent actual database instances) flow through the same plug-in).According to this implementation, some queuing space may need to beimplemented between the plug-in for a particular database type and thedifferent session domains that persist to that database type in order tohandle quasi-simultaneous persistence operations made to the same typedatabase. Moreover, additional queuing space may need to be implementedbetween the plug-in for a particular database type and the differentactual instances of that database type that the session data is actuallypersisted to.

According to the approach of FIG. 5, a separate database plug-in 511 iswritten for the various types of “supported” file systems that acustomer of the software may choose to persist to. Upon deployment ofthe software to a particular platform (again, when the particulartype(s) of file system(s) being used for persistence is actually known),the plug-in 511 for a particular file system is integrated into thesoftware. Consistent with the principles outline just above, file systemplug-ins may be “plugged in” on a per session domain basis, a per filesystem basis, or, a per file system type basis. Separate plug-ins may bewritten for each of various vendor-specific or open sourced filesystems.

According to an embodiment, each plug-in essentially serves as atranslator that translates between a generic command set and the commandset particular to a specific type of persistence. According to oneimplementation, the generic command set is not specific to anyparticular persistence type. Referring briefly back to FIG. 4, bydesigning the persistence commands called out by the session managementlayer 410 and/or applications 411 ₁ through 411 _(K) with the genericcommand set, after deployment and during runtime, the plug-in for aparticular type of persistence will translate the generic commands fromthe session management and/or an applications into commands that arespecific to the particular type of persistence that has been implemented(e.g., a particular type of file system or database). As such, ideally,the source code designers of the session management function and/orapplications need not concern themselves with particular types ofpersistence or their corresponding command languages.

2.1 Embodiment of File System Persistent Storage Interface

FIGS. 6 and 7 depict additional details about a persistent storageinterface for a file system and database, respectively. Referringfirstly to FIG. 6, activity 616 represents the activity that may beimposed upon the memory based session domain 604 by a session managementlayer and/or one or more applications; and, activity 626 represents theactivity that may be imposed upon a specific session object (inparticular, session object 607 ₁) by a session management layer andone/or more applications. Here, because session domain 604 is configuredto be “backed up” by persistent storage 613, note that, from acommunicative flow perspective, a session persistent storage interface610 containing plug-in code 611 resides between the session objects 607₁ through 607 _(S) and the file system persistence storage 613.

As described above with respect to FIG. 5, the persistence interface 610comprehends a generic command set that the plug-in 611 is able toconvert into commands that are specific to the particular type of filesystem that persistence storage 613 corresponds to (e.g., Linux basedfile systems (e.g., Ext, Ext2, Ext3), Unix based file systems (e.g.,Unix Filing System (UFS), IBM based file systems (e.g., IBM JournaledFile Systems (JFS), IBM General Parallel File System (GPFS)), Oraclebased file systems (e.g., Oracle Clustered File System (OCFS), OracleReal Application Clusters (RAC), Oracle Automatic Storage Management(OASM)), ReiserFS based files systems, Microsoft based file systems(e.g., FAT16, FAT32, NTFS, WINFS), etc.).

The application of the generic commands to the persistence storageinterface 610 is represented as activity 631. Here, certain activity 616applied to the session domain as a whole, as well as certain activity626 applied to a specific session object, will trigger activity 631 atthe persistent storage interface 610 so that the information and/orstructure of the memory based session domain 604 is effectivelyduplicated with the persistent storage 613.

According to the perspective of FIG. 6, a “model” of a session object ispersisted within the persistence storage 613. Because the particularpersistent storage 613 of FIG. 6 is a file system, and because filesystems tend to be organized through a hierarchy of directories thatcontain files having data, the persisted session object “model” of FIG.6 corresponds to a set of files stored within a directory. As anillustrative example, FIG. 6 shows an exploded view of the specificmodel 650 that has been persisted for session object 607 ₁. Here, adirectory 627 ₁ has been created for session object 607 ₁, and, thecontents of this directory 627 ₁ include separate files 651 ₁ through651 _(J) that, when taken together, correspond to the sessioninformation contained by session object 607 ₁ that is persisted by filesystem 613. Note that separate directories 627 ₂ through 627 _(S) havebeen created for each of session objects 607 ₂ through 607 _(S),respectively.

The plug-in 611 is primarily responsible for, in response to the commandactivity 631 presented at the persistent storage interface 610, creatingand deleting directories in the file sysem 613 and creating, deleting,reading and writing to files in the file system 613. According to oneembodiment, the persistent storage interface 610 with its plug-in 611causes the hierarchical structure of the directory that is persisted inthe file system 613 to approximately mirror the hierarchical structureof the “in-memory” session domain 604. For example, referring to FIGS. 4and 6, in the simplest case where the file system 613 is the solepersistence resource for session contexts 402 ₁ through 402 _(X), thepersistence interface 610 with its plug-in 611 creates a failoverdirectory 625 in the file system where all persisted session informationis kept. Here, a separate directory is then established within thefailover directory 625 for each session context 402 ₁ through 402 _(X)in the session domain (FIG. 6 only shows one such directory 624 whichhas been created for session context 624).

Within the directory for a particular context, directories are createdfor each session domain within the context. FIG. 6 only shows one suchdirectory 623 created for session domain 404 ₁, at least Y suchdirectories would be created within context directory 624. The directoryfor a particular session domain, such as directory 623, contains adirectory for each session object that is associated with the sessiondomain. Thus, as observed in FIG. 6, a separate directory 627 ₁ through627 _(S) exists for each of session objects 607 ₁ through 607 _(S),respectively. If session domain 404 ₁ has any children session domains(not shown in FIG. 4), directory 627 ₁ would contain additionaldirectories for these children session domains (that, in turn, wouldcontain directories for their corresponding session objects and childrensession domains).

Notably, the various contents of session object 607, are broken downinto separate “attributes”, and, a separate file is created and storedin directory 627 ₁ for each attribute of session object 607 ₁ (or atleast those attributes deemed worthy of persisting). According to theexemplary depiction of FIG. 6, session object 607 ₁ has “J” differentattributes that are persisted through files 651 ₁ through 651 _(J),respectively. An attribute generally corresponds to a specific item ofdata that is a component of a session's session state information.Generic examples of attributes include and the session's sessionID andexpiration time. However, in practice, attributes tend to be specific tothe particular information that is persisted for a particular session.For instance, in the case of a “session” Enterprise Java Bean (EJB)various “attributes” of session state information that are specific orunique to the EJB will be persisted.

According to one embodiment, the following set of generic commands maybe presented at the session persistent storage interface 610 forpurposes of managing the persisted session domain as a whole.Communicative flow 632 is meant to depict this high level managementview. Input arguments for the command methods are presented inparenthesis.

1. Create_Model (sessionID). The “Create_Model” command creates a modelfor a specific directory in the file system 613 for a specific session.As described above, according to one implementation, a unique sessionobject is created for each unique session. When the computing systemrecognizes a new session, a new session object is created for thatsession, a session domain for that session object is identified orcreated, and, the Create Model command is called at the persistentstorage interface 610 for the session domain 604. In response to theCreate Model command, the plug-in 611 creates a directory in the filesystem for the new session (e.g., directory 627 ₁) within the filesystem directory established for the session domain (e.g., directory623). In an implementation, the plug-in 611 creates the directory thougha “model” object that represents the new directory and contains“handlers” to the file system. For example, in the case of file systempersistence, the model object keeps a reference to thejava.ioFileOutputStream which is the object that provides the physicalaccess to the file system. In one embodiment, the persistence storageinterface 610 creates a mapping between the session object, thepersistence model object and a specific directory in the file system613. That is, in this embodiment a one-to-one correspondence existsbetween sessions within the session domain 604 and model objects managedby the persistent storage interface. As session data is modified, themapping ensures that the session data stored within the file systemremains consistent with the session object (i.e., via the file systemhandlers).

When a new session is created it is assigned an identificationcode—referred to as the “SessionID”. Here, if per-session domainpersistent storage interfaces are instantiated, the interface 610 needonly be given the SessionID as the input argument in order to performthe appropriate operations upon the file system (assuming the interface610 is configured to “know” as background information the identity ofthe file system it interfaces to as well as the session domain itservices). The remainder of the commands below are described so as toapply to per-session domain persistent storage interfaces, but, thearguments given with the commands could be extended to include theidentity of the session domain if persistence storage interfaces areinstantiated per file system, or the identity of the session domain anda specific file system if per-file system type interfaces areinstantiated.

2. Get_Model (sessionID). The “Get Model” command retrieves the entirepersisted content for a session. Thus, for example, if the GetModelcommand where executed for the session for which directory 627 ₁ wascreated, the session model object of the plug-in 611 would read each ofattribute files 651 ₁ through 651 _(J) from the file system.

3. Remove_Model (model). The “Remove Model” command essentially deletesthe persisted information for a particular session. For example, if theRemove Model command were executed for the session for which directory627 ₁ was created, the session model object of the plug-in 611 woulddelete directory 627 ₁ and all its contents from the (i.e., attributefiles 651 ₁ through 651 _(J)) from the file system. A Remove Modelcommand is often executed for a session after the session has beendeemed no longer functioning (e.g., “expired”, “corrupted”, etc.).

4. Iterator. The “Iterator” command is called so that specific attributefiles mapped to model objects can be fetched from each session directorywithin the session domain directory. According to one implementation, inresponse to the Iterator command, the interface 610 creates and returnsto the caller of the Iterator command an “Iterator” object. An iteratorobject, such as Java's java.util.Iterator interface object, is an objecthaving methods to fetch some or all elements within a collection. Thus,for example, if the session management layer wanted to view the firstattribute within each of session directories 627 ₁ through 627 _(S), itwould first call the Iterator command at the persistence interface 610.

The interface 610 would then return an Iterator object to the sessionmanagement layer in response. The session management layer could thenuse the Iterator object to fetch the first attribute within each sessiondirectory. According to one embodiment, the interface 610 creates theiterator object so that is it executes a sequence of “Get Attribute(s)”commands at the interface 610 (specifically, one “Get Attribute(s)”command for each session directory within the session domain directory),where, the desired attribute(s) are specified by the caller of the“Iterator” command. The Get Attribute(s) command is described in moredetail further below.

5. Iterator_All_Expired. The “Iterator_All_Expired” command operatessimilarly to the Iterator command, except that the created Iteratorobject only has visibility into the session directories of sessions thatare deemed expired. According to an implementation, execution of theIterate_All_Expired function involves the interface 610 having to firstidentify those sessions that are deemed expired and then having tocreate an Iterator object whose sequence of Get Attribute(s) commandsonly read into those session directories identified as being expired. Inorder for the interface 610 to determine which sessions have expired,the session domain directory 623 can be configured to includeinformation sufficient for the determination to be made.

For example, in one embodiment, one of the attributes within eachsession object and its corresponding persisted directory is the time atwhich the corresponding session is deemed to be expired. If the plug-in611 reads this attribute and the present time is beyond the timerecorded in the attribute, the session is deemed “expired” (accordingly,note that the plug-in 611 should write the expiration time for a sessioninto the appropriate attribute of the session's corresponding sessiondirectory each time a new request is received for the session).

6. Remove_All_Expired. The “Remove_All_Expired” command is used todelete all session directories from a session domain directory whosecorresponding sessions are deemed expired. Here, consistent with thediscussion provided just above with respect to the Interator_All_Expiredcommand, session directories can be identified as being expired if theyare designed to contain an attribute that identifies them as beingexpired; or, if the session domain directory contains informationsufficient for the interface 610 to determine which sessions areexpired.

Whereas the above commands provide session domain-wide managementfunctions for a persisted session domain, in a further embodiment, theinterface 610 and model object of its plug-in 611 are also written tosupport the following command set for managing the information that ispersisted for a particular session (e.g., for managing a particularmodel's information). Each of the commands below can be assumed to beidentified to the interface 610, in some way, as pertaining to aparticular session within the session domain.

1. Get_Session_ID. Execution of the Get_Session_ID command causes theplug-in 611 to read the sessionID for the particular session that thecommand is called on behalf of. Note that, accordingly, the sessionIDcorresponds to information contained in one of the attributes associatedwith a session's persisted session state information.

2. Get_Expiration_Time. Execution of the Get_Expiration_Time commandcauses a model object of the plug-in 611 to read the expiration time forthe particular session that the command is called on behalf of. Notethat, accordingly, the expiration time corresponds to informationcontained in one of the attributes associated with a session's persistedsession state information.

3. Update_Expiration_Time (maximum inactive time interval). Execution ofthe Get_Expiration_Time command causes the model object within theplug-in 611 to write a new expiration time for the particular sessionthat the command is called on behalf of. According to oneimplementation, as observed above, the maximum inactive time interval ispresented as an input argument for the Update_Expiration_Time command.Here, the expiration time is calculated by the interface 610 (or itsplug-in 611) simply by adding the maximum inactive time interval to thepresent time.

In an embodiment, even though the maximum inactive time interval is moreproperly viewed as session management criteria information, the inactivetime interval is “tagged along with” the expiration time or isrecognized as its own separate attribute within the client's sessionstate information. Typically, a new expiration time is calculated witheach newly arriving request for a particular session (or, with eachcompleted request/response cycle for a particular session).

Note that, according to an implementation, the “present time” used forcalculating the expiration time is taken from a clock within thecomputing system. Although not entirely relevant for internal filesystems, using a clock from an external persistence resource (such as anexternal database or RAID system) could cause unequal expirationtreatment across different persistence resources if the clocks from thedifferent persistence resources do not have identical core frequencies.Calculating the expiration time from the persistence interface 610 orplug-in 611 keeps the core frequency the same (i.e., a clock within thecomputing system is used) across all session irregardless of eachsession's particular persistence resource.

4. Get_Attribute(s) (attribute(s)). Execution of the Get_Attribute(s)command causes a model object within the plug-in 611 to read one or morespecific attributes identified by the caller of the command (e.g., thesession management layer or an application). The “attribute(s)” argumentidentifies the specific attribute(s) (i.e., specific file(s)) that areto be retrieved.

In an implementation each one of these attributes (as well as thesessionID and expiration time) can be obtained by explicitly calling forit in the attribute(s) argument of the Get_Attribute command. Moreover,as part of managing the visual presentation that is rendered on theclient over the course of the session, the attributes of a session'ssession state information may also include fairly large graphics files.In this case, the session object is used to implement a kind of cachingscheme for certain visual images that are to be displayed on the clientover the course of the session.

It is in this respect that size management of a session object and itspersisted information may become an issue. If a session object were tocontain a number of such large graphics files, reading/writing all ofits contents to/from persistence storage 613 as standard persistenceaccessing procedure would be inefficient. By granularizing a sessionobject's content into smaller attributes, and by making these attributesseparately accessible to/from persistent storage 613, a single largegraphics file can be individually read from persistence storage only ifthe file is actually needed—for instance (i.e., large graphics filesthat are not needed are not identified in the attribute(s) inputargument and remain in persisted storage).

Perhaps more importantly, if only a relatively small piece of sessionstate information is actually needed (e.g., just the expiration time),only that small piece of session state information can be read frompersistent storage (i.e., the retrieval of un-desired large graphicsfile is avoided). Hence, the ability to specifically target only certainportions of a persisted session object results in more efficientoperation as compared to an environment where only the entire content ofa session object's contents can be read from or written to persistence.

Note that, according to an implementation, all attributes areindividually accessible—not just those used for the storage of graphicsfiles. Here, communicative flows 634 ₁ through 634 _(J) are meant toconvey the individual accessibility of each of persisted attributes 651₁ through 651 _(S). In an implementation alternative to that describedabove, only a singleton “attribute” is presented as an input argumentand separate Get Attribute(attribute) commands have to be called toretrieve more than one attribute.

5. Put_Attribute(s)(attribute(s)). Execution of the Put_Attribute(s)command enables the writing of individual attributes into persistentstorage via the model object consistent with the same principlesoutlined above for the Get_Attribute(s) command. Notably, in animplementation, execution of a Get_Attribute(s) or Put_Attribute(s)command does not involve serialization of the attribute data.Traditionally, persisted objects have been serialized (into a “bytearray”) prior to their being persisted so as to enable their transportacross networks and/or enable their reconstruction (through a processreferred to as deserialization) upon being recalled from persistentstorage. Serialization and deserialization can be an inefficient,however, and accessing the attributes(s) in a non serialized formatshould eliminate inefficiencies associated withserialization/deserialization processes.

6. Get_Attribute(s)_Serialized(attributes(s)). Execution of theGet_Attribute(s)_Serialized command is essentially the same as theGet_Atribute(s) command described above, except that the persistencestorage interface 610 (or model object within the plug-in 611) performsdeserialization on attribute data read from persistent storage.

7. Put_Attribute(s)_Serialized(attributes(s)). Execution of thePut_Attribute(s)_Serialized command is essentially the same as thePut_Atribute(s) command described above, except that the persistencestorage interface 610 (or model object within the plug-in 611) performsserialization on attribute data written to persistent storage.

According to one implementation, session management criteria informationfor a particular session domain (e.g., maximum inactive time interval,maximum number of outstanding requests, access policy, etc.) is kept inthe in-memory session domain 604 separately from the session domain'ssession objects 607 ₁ through 607 _(S) (e.g., in another object notshown in FIG. 6); and, is persisted to a file in the session domain'sdirectory 623 (also not shown in FIG. 6) along with the individualsession directories 627 ₁ through 627 _(S). Recalling the discussionprovided above in Section 1.0 near the onset of the discussion of FIG.4, separating session management criteria information from session stateinformation keeps the size of the session objects 607 ₁ through 607 _(S)(and the size of their corresponding persisted directories 627 ₁ through627 _(S)) beneath the size they would otherwise be if they were designedto include the session management criteria information themselves.

2.2 Embodiment of Database Persistent Storage Interface

FIG. 7 depicts additional details about a persistent storage interfacefor a database. Similar to FIG. 6, activity 716 of FIG. 7 represents theactivity that may be imposed upon the memory based session domain 704 bya session management layer and/or one or more applications; and,activity 726 represents the activity that may be imposed upon a specificsession object (in particular, session object 708 ₁) by a sessionmanagement layer and one/or more applications. Here, because sessiondomain 704 is configured to be “backed up” by database 714, note that,from a communicative flow perspective, the persistent storage interface710 containing plug-in code 711 resides between the session objects 708₁ through 708 _(T) and the persistence storage 714.

As described above with respect to FIGS. 5 and 6, the persistenceinterface 710 comprehends a generic command set that the plug-in 711 isable to convert into commands that are specific to the particular typeof database that persistence storage 714 corresponds to. The applicationof the generic commands to the persistence storage interface 710 isrepresented as activity 731. Here, certain activity 716 applied to thesession domain as a whole, as well as certain activity 726 applied to aspecific session object, will trigger activity 731 at the persistentstorage interface 610 so that the information and/or structure of thememory based session domain 704 is effectively duplicated with thepersistent storage 714.

According to the perspective of FIG. 7, a “model” of a session object ispersisted within the persistence storage 714. Because the particularpersistent storage 714 of FIG. 7 is a database, and because databasedata tends to be organized with a table, the persisted session object“model” of FIG. 7 corresponds to a row within a table 723 that has beenestablished for the session domain 704. As an illustrative example, FIG.7 shows tables rows 751, 752, . . . 75S as being the persisted modelsfor session objects 607 ₁, 607 ₂, . . . 607 _(S), respectively. Thedifferent session object attributes correspond to different columnswithin the table 723.

For simplicity, the particular table 723 of FIG. 7 is drawn so as toonly apply to session domain 704. In an implementation, table 723 is asegment of a larger table in database 714 whose organization reflectsthe hierarchy of an entire session domain context as observed in FIG. 4.For example, the first table column may be reserved to identify thecontext, the second table column may be reserved to identify theparticular session domain within the session context (e.g.,root/session_domain_(—)1), and, the third table column may include thesessionID (which has been depicted as the first table column in FIG. 7).A row for a particular session is therefore accessible by matching onthe first three columns in the table.

The plug-in 711 is primarily responsible for, in response to the commandactivity 731 presented at the persistent storage interface 710, creatingand deleting rows in the table 723 as well as reading from and writingto the rows in the table 723. According to a further implementation, asimilar table is created in the database for each in-memory sessiondomain that is persisted to the database 714.

According to one embodiment, the following set of generic commands maybe presented at the session storage interface 610 for purposes ofmanaging the persisted session domain as a whole. Communicative flow 732is meant to depict this high level management view. Input arguments forthe command methods are presented in parenthesis. Note that, consistentwith the discussion provided above with respect to FIG. 5, in order toprovide different types of persistent storage transparently to higherlayers of software within the computing system (e.g., a sessionmanagement layer and/or one or more applications), the command set isidentical to the command set discussed above in FIG. 6 with respect tofile systems. The only difference is the operations performed by thecorresponding plug-ins 611, 711.

1. Create_Model (sessionID). The “Create_Model” command creates a row inthe database table 723 for a specific session. As described above,according to one implementation, a unique session object is created foreach unique session. When the computing system recognizes a new session,a new session object is created for that session, a session domain forthat session object is identified or created, and, the Create Modelcommand is called at the persistent storage interface 710 for thesession domain 704. In response to the Create Model command, the plug-in711 (e.g., through a “model” object) creates a row in the table for thenew session. When a new session is created it is assigned anidentification code—referred to as the “SessionID”. In one embodiment,the persistence storage interface 610 creates a mapping between thesession object, the persistence model object for that session and aspecific row in the database table 723. That is, in this embodiment aone-to-one correspondence exists between sessions within the sessiondomain 604 and model objects managed by the persistent storage interface610. As session data is modified, the mapping ensures that the sessiondata stored within the database remains consistent with the sessionobject.

Here, if per-session domain persistent storage interfaces areinstantiated, the interface 710 need only be given the SessionID as theinput argument in order to perform the appropriate operations upon thefile system (assuming the interface 710 is configured to “know” asbackground information the identity of the database it interfaces to aswell as the session domain it services). The remainder of the commandsbelow are described so as to apply to per-session domain persistentstorage interfaces, but, the arguments given with the commands could beextended to include the identity of the session domain if persistencestorage interfaces are instantiated per database, or the identity of thesession domain and a specific database if per-database type interfacesare instantiated.

2. Get_Model (sessionID). The “Get Model” command retrieves the entirepersisted content for a session. Thus, for example, if the GetModelcommand where executed for the session for which row 751 was created,the model object within the plug-in 711 would read each of the Jattribute files in row 751 from the database table 723.

Remove_Model(model). The “Remove Model” command essentially deletes thepersisted information for a particular session. For example, if theRemove Model command were executed for the session for which row 751 wascreated, the model object within the plug-in 711 would delete row 751from the database table 723. A Remove Model command is often executedfor a session after the session has been deemed no longer functioning(e.g., “expired”, “corrupted”, etc.).

Iterator. The “Iterator” command returns an “Iterator” object havingvisibility into all rows in the database table 723. According to oneembodiment, the interface 710 creates the iterator object so that itexecutes a sequence of “Get Attribute(s)” commands at the interface 710(specifically, one “Get Attribute(s)” command for each row within thetable 723), where, the desired attribute(s) are specified by the callerof the “Iterator” command. In this manner, the same one or moreattributes can be retrieved from each row in the database table 723.

Iterator_All_Expired. The “Iterator_All_Expired” command operatessimilarly to the Iterator command, except that the created Iteratorobject only has visibility into the session directories of sessions thatare deemed expired. According to an implementation, the interface 710first identifies those sessions that are deemed expired and then createsan Iterator object whose sequence of Get Attribute(s) commands only readinto those session directories identified as being expired. In order forthe interface 710 to determine which sessions have expired, the sessionattributes can be configured to include information sufficient for thedetermination to be made.

For example, one of the attributes within each session object (andcorresponding database table column) is the time at which thecorresponding session is deemed to be expired. If the model objectwithin the plug-in 711 reads this attribute and the present time isbeyond the time recorded in the attribute, the session is deemed“expired” (accordingly, note that the model object within the plug-in711 should write the expiration time for a session into the appropriatecolumn of the session's corresponding session database table row eachtime a new request is received for the session).

Remove_All_Expired. The “Remove_All_Expired” command is used to deleteall rows from a session domain's database table whose correspondingsessions are deemed expired. Here, consistent with the discussionprovided just above with respect to the Interator_All_Expired command,session rows can be identified as being expired if they are designed tocontain an attribute that identifies them as being expired; or, if therow attributes contains information sufficient for the interface 710 todetermine which sessions are expired.

Whereas the above commands provide session domain-wide managementfunctions for a persisted session domain, in a further embodiment, theinterface 710 and the relevant model object within its plug-in 711 arealso written to support the following command set for managing theinformation that is persisted for a particular session (i.e., formanaging a particular row's information). Each of the commands below canbe assumed to be identified to the interface 710, in some way, aspertaining to a particular session within the session domain.

Get_Session_ID. Execution of the Get_Session_ID command causes the modelobject within the plug-in 711 to read the sessionID for the particularsession that the command is called on behalf of.

Get_Expiration_Time. Execution of the Get_Expiration_Time command causesthe model object within the plug-in 711 to read the expiration time forthe particular session that the command is called on behalf of.

3. Update_Expiration_Time (maximum inactive time interval). Execution ofthe Get_Expiration_Time command causes the plug-in 711 to write a newexpiration time for the particular session that the command is called onbehalf of. According to one implementation, as observed above, themaximum inactive time interval is presented as an input argument for theUpdate_Expiration_Time command. Here, the expiration time is calculatedby the interface 710 (or the model object within its plug-in 711) simplyby adding the maximum inactive time interval to the present time.

In an embodiment, even though the maximum inactive time interval is moreproperly viewed as session management criteria information, the inactivetime interval is “tagged along with” the expiration time or isrecognized as its own separate attribute within the client's sessionstate information. Typically, a new expiration time is calculated witheach newly arriving request for a particular session (or, with eachcompleted request/response cycle for a particular session).

Get_Attribute(s) (attribute(s)). Execution of the Get_Attribute(s)command causes the model object within the plug-in 711 to read one ormore specific attributes identified by the caller of the command (e.g.,the session management layer or an application). The “attribute(s)”argument identifies the specific attribute(s) (i.e., specific tablecolumn(s)) that are to be retrieved. Typically, the attributes that arerecorded should be largely if not completely independent of the type ofpersistent storage employed. Hence, the same set of attributes discussedabove with respect to the Get_Attribute(s) command for file systems canbe used for database persistence. For substantially the same reasonsdescribed above with respect to file system's, the ability tospecifically target only certain portions of a persisted session objectresults in more efficient operation as compared to an environment whereonly the entire content of a session object's contents can be read fromor written to persistence.

Note that, according to an implementation, all attributes areindividually accessible—not just those used for the storage of graphicsfiles. Here, communicative flows 734 ₁ through 734 _(S) are meant toconvey the individual accessibility of each of the persisted attributesacross the database table's row structure. In an implementationalternative to that described above, only a singleton “attribute” ispresented as an input argument and separate Get Attribute(attribute)commands have to be called to retrieve more than one attribute.

Put_Attribute(s)(attribute(s)). Execution of the Put_Attribute(s)command enables the writing of individual attributes into persistentstorage consistent with the same principles outlined above for theGet_Attribute(s) command. Notably, in an implementation, execution of aGet_Attribute(s) or Put_Attribute(s) command does not involveserialization of the attribute data.

Get_Attribute(s)_Serialized(attributes(s)). Execution of theGet_Attribute(s)_Serialized command is essentially the same as theGet_Atribute(s) command described above, except that the persistencestorage interface 710 (or the model object within the plug-in 711)performs deserialization on attribute data read from persistent storage.

Put_Attribute(s)_Serialized(attributes(s)). Execution of thePut_Attribute(s)_Serialized command is essentially the same as thePut_Atribute(s) command described above, except that the persistencestorage interface 710 (or the model object within the plug-in 711)performs serialization on attribute data written to persistent storage.

According to one implementation, session management criteria informationfor a particular session domain (e.g., maximum inactive time interval,maximum number of outstanding requests, access policy, etc.) is kept inthe in-memory session domain 704 separately from the session domain'ssession objects 708 ₁ through 708 _(S) (e.g., in another object notshown in FIG. 7); and, is persisted to another table (also not shown inFIG. 7) in the session domain's persistent storage 723. Here, keepingthe session management criteria separate from the session stateattributes in table 723 should result in efficiencies and isolation fromclocking issues similar to those described above with respect to theUpdate_Expiration_Time command for file system persistent storage.

3.0 Shared Closures

FIG. 8 shows a prior art computing system 800 having N virtual machines113, 213, . . . N13. The prior art computing system 800 can be viewed asan application server that runs and/or provides web applications and/orbusiness logic applications for an enterprise (e.g., a corporation,partnership or government agency) to assist the enterprise in performingspecific operations in an automated fashion (e.g., automated billing,automated sales, etc.).

The prior art computing system 800 runs are extensive amount ofconcurrent application threads per virtual machine. Specifically, thereare X concurrent application threads (112 ₁ through 112 _(X)) running onvirtual machine 113; there are Y concurrent application threads (212 ₁through 212 _(Y)) running on virtual machine 213; . . . and, there are Zconcurrent application threads (N12 ₁ through N12 _(Z)) running onvirtual machine N13; where, each of X, Y and Z are a large number.

A virtual machine, as is well understood in the art, is an abstractmachine that converts (or “interprets”) abstract code into code that isunderstandable to a particular type of a hardware platform. For example,if the processing core of computing system 800 included PowerPCmicroprocessors, each of virtual machines 113, 213 through N13 wouldrespectively convert the abstract code of threads 112 ₁ through 112_(X), 212 ₁ through 212 _(Y), and N12 ₁ through N12 _(Z) intoinstructions sequences that a PowerPC microprocessor can execute.

Because virtual machines operate at the instruction level they tend tohave processor-like characteristics, and, therefore, can be viewed ashaving their own associated memory. The memory used by a functioningvirtual machine is typically modeled as being local (or “private”) tothe virtual machine. Hence, FIG. 1 shows local memory 115, 215, N15allocated for each of virtual machines 113, 213, . . . N13 respectively.

A portion of a virtual machine's local memory may be implemented as thevirtual machine's cache. As such, FIG. 1 shows respective regions 116,216, . . . N16 of each virtual machine's local memory space 115, 215, .. . N15 being allocated as local cache for the corresponding virtualmachine 113, 213, . . . N13. A cache is a region where frequently useditems are kept in order to enhance operational efficiency.Traditionally, the access time associated with fetching/writing an itemto/from a cache is less than the access time associated with otherplace(s) where the item can be kept (such as a disk file or externaldatabase (not shown in FIG. 8)).

For example, in an object-oriented environment, an object that issubjected to frequent use by a virtual machine (for whatever reason) maybe stored in the virtual machine's cache. The combination of the cache'slow latency and the frequent use of the particular object by the virtualmachine corresponds to a disproportionate share of the virtual machine'sfetches being that of the lower latency cache; which, in turn,effectively improves the overall productivity of the virtual machine.

A problem with the prior art implementation of FIG. 8, is that, avirtual machine can be under the load of a large number of concurrentapplication threads; and, furthermore, the “crash” of a virtual machineis not an uncommon event. If a virtual machine crashes, generally, allof the concurrent application threads that the virtual machine isactively processing will crash. Thus, if any one of virtual machines113, 213, N13 were to crash, X, Y or Z application threads would crashalong with the crashed virtual machine. With X, Y and Z each being alarge number, a large number of applications would crash as a result ofthe virtual machine crash.

Given that the application threads running on an application server 100typically have “mission critical” importance, the wholesale crash ofscores of such threads is a significant problem for the enterprise.

FIG. 9 shows a computing system 200 that is configured with lessapplication threads per virtual machine than the prior art system ofFIG. 8. Less application threads per virtual machine results in lessapplication thread crashes per virtual machine crash; which, in turn,should result in the new system 200 of FIG. 9 exhibiting betterreliability than the prior art system 800 of FIG. 8.

According to the depiction of FIG. 9, which is an extreme representationof the improved approach, only one application thread exists per virtualmachine (specifically, thread 122 is being executed by virtual machine123; thread 222 is being executed by virtual machine 223; . . . and,thread M22 is being executed by virtual machine M23). In practice, thecomputing system 200 of FIG. 9 may permit a limited number of threads tobe concurrently processed by a single virtual machine rather than onlyone.

In order to concurrently execute a comparable number of applicationthreads as the prior art system 800 of FIG. 8, the improved system 900of FIG. 9 instantiates more virtual machines than the prior art system800 of FIG. 8. That is, M>N.

Thus, for example, if the prior art system 800 of FIG. 8 has 10application threads per virtual machine and 4 virtual machines (e.g.,one virtual machine per CPU in a computing system having four CPUs) fora total of 4×10=40 concurrently executed application threads for thesystem 800 as a whole, the improved system 900 of FIG. 9 may only permita maximum of 5 concurrent application threads per virtual machine and 6virtual machines (e.g., 1.5 virtual machines per CPU in a four CPUsystem) to implement a comparable number (5×6=30) of concurrentlyexecuted threads as the prior art system 100 in FIG. 9.

Here, the prior art system 800 instantiates one virtual machine per CPUwhile the improved system 900 of FIG. 9 can instantiate multiple virtualmachines per CPU. For example, in order to achieve 1.5 virtual machinesper CPU, a first CPU will be configured to run a single virtual machinewhile a second CPU in the same system will be configured to run a pairof virtual machines. By repeating this pattern for every pair of CPUs,such CPU pairs will instantiate 3 virtual machines per CPU pair (whichcorresponds to 1.5 virtual machines per CPU).

Recall from the discussion of FIG. 8 that a virtual machine can beassociated with its own local memory. Because the improved computingsystem of FIG. 9 instantiates more virtual machines than the prior artcomputing system of FIG. 8, in order to conserve memory resources, thevirtual machines 123, 223, . . . M23 of the system 900 of FIG. 9 areconfigured with less local memory space 125, 225, . . . M25 than thelocal memory 115, 215, . . . N15 of virtual machines 113, 213, . . . N13of FIG. 8. Moreover, the virtual machines 123, 223, . . . M23 of thesystem 900 of FIG. 9 are configured to use a shared memory 230. Sharedmemory 230 is memory space that contains items that can be accessed bymore than one virtual machine (and, typically, any virtual machineconfigured to execute “like” application threads that is coupled to theshared memory 230).

Thus, whereas the prior art computing system 800 of FIG. 8 uses fewervirtual machines with larger local memory resources containing objectsthat are “private” to the virtual machine; the computing system 900 ofFIG. 9, by contrast, uses more virtual machines with less local memoryresources. The less local memory resources allocated per virtual machineis compensated for by allowing each virtual machine to access additionalmemory resources. However, owing to limits in the amount of availablememory space, this additional memory space 230 is made “shareable”amongst the virtual machines 123, 223, . . . M23.

According to an object oriented approach where each of virtual machines123, 223, . . . N23 does not have visibility into the local memories ofthe other virtual machines, specific rules are applied that mandatewhether or not information is permitted to be stored in shared memory230. Specifically, to first order, according to an embodiment, an objectresiding in shared memory 230 should not contain a reference to anobject located in a virtual machine's local memory because an objectwith a reference to an unreachable object is generally deemed “nonuseable”.

That is, if an object in shared memory 230 were to have a reference intothe local memory of a particular virtual machine, the object isessentially non useable to all other virtual machines; and, if sharedmemory 230 were to contain an object that was useable to only a singlevirtual machine, the purpose of the shared memory 230 would essentiallybe defeated.

In order to uphold the above rule, and in light of the fact that objectsfrequently contain references to other objects (e.g., to effect a largeprocess by stringing together the processes of individual objects;and/or, to effect relational data structures), “shareable closures” areemployed. A “closure” is a group of one or more objects where everyreference stemming from an object in the group that references anotherobject does not reference an object outside the group. That is, all theobject-to-object references of the group can be viewed as closing uponand/or staying within the confines of the group itself. Note that asingle object without any references stemming from it can be viewed asmeeting the definition of a closure.

If a closure with a non shareable object were to be stored in sharedmemory 230, the closure itself would not be shareable with other virtualmachines, which, again, defeats the purpose of the shared memory 230.Thus, in an implementation, in order to keep only shareable objects inshared memory 230 and to prevent a reference from an object in sharedmemory 230 to an object in a local memory, only “shareable” (or“shared”) closures are stored in shared memory 230. A “shared closure”is a closure in which each of the closure's objects are “shareable”.

A shareable object is an object that can be used by other virtualmachines that store and retrieve objects from the shared memory 230. Asdiscussed above, in an embodiment, one aspect of a shareable object isthat it does not possess a reference to another object that is locatedin a virtual machine's local memory. Other conditions that an objectmust meet in order to be deemed shareable may also be effected. Forexample, according to a particular Java embodiment, a shareable objectmust also posses the following characteristics: 1) it is an instance ofa class that is serializable; 2) it is an instance of a class that doesnot execute any custom serializing or deserializing code; 3) it is aninstance of a class whose base classes are all serializable; 4) it is aninstance of a class whose member fields are all serializable; 5) it isan instance of a class that does not interfere with proper operation ofa garbage collection algorithm; 6) it has no transient fields; and, 7)its finalize ( ) method is not overwritten.

Exceptions to the above criteria are possible if a copy operation usedto copy a closure into shared memory 230 (or from shared memory 230 intoa local memory) can be shown to be semantically equivalent toserialization and deserialization of the objects in the closure.Examples include instances of the Java 2 Platform, Standard Edition 1.3java.lang.String class and java.util.Hashtable class.

A container is used to confine/define the operating environment for theapplication thread(s) that are executed within the container. In thecontext of J2EE, containers also provide a family of services thatapplications executed within the container may use (e.g., (e.g., JavaNaming and Directory Interface (JNDI), Java Database Connectivity(JDBC), Java Messaging Service (JMS) among others).

Different types of containers may exist. For example, a first type ofcontainer may contain instances of pages and servlets for executing aweb based “presentation” for one or more applications. A second type ofcontainer may contain granules of functionality (generically referred toas “components” and, in the context of Java, referred to as “beans”)that reference one another in sequence so that, when executed accordingto the sequence, a more comprehensive overall “business logic”application is realized (e.g., stringing revenue calculation, expensecalculation and tax calculation components together to implement aprofit calculation application).

It should be understood that the number of threads that a virtualmachine in the improved system of FIG. 9 can concurrently entertainshould be limited (e.g., to some fixed number) to reduce the exposure toa virtual machine crash. For example, according to one implementation,the default number of concurrently executed threads is 5. In a furtherimplementation, the number of concurrently executed threads is aconfigurable parameter so that, conceivably, for example, in a firstsystem deployment there are 10 concurrent threads per virtual machine,in a second system deployment there are 5 concurrent threads per virtualmachine, in a third system deployment there is 1 concurrent thread pervirtual machine. It is expected that a number of practical systemdeployments would choose less than 10 concurrent threads per virtualmachine.

3.1 Shared Memory “Persistence” with Shared Closures

With respect to the improved computing system 900 of FIG. 9, note thatthe shared memory 230 can be used as a persistence layer for computingsystem 900 that provides for failover protection against a virtualmachine crash. That is, if session domain information for a particularsession is “persisted” into shared memory 230 as a shared closure and avirtual machine within system 900 that has been assigned to handle thesession crashes, another virtual machine within system 900 can “pick-up”the session because of its access to the session information in sharedmemory 230. Aspects of session handling and failover protection inshared closure/shared memory environments have already been described inU.S. patent application Ser. No. 11/024,924, filed, Dec. 28, 2004,entitled, “Failover Protection From A Failed Worker Node In A SharedMemory System,” by Christian Fleischer; Galin Galchev; Frank Kilian;Oliver Luik; and Georgi Stanev; U.S. patent application Ser. No.11/025,525, filed Dec. 28, 2004, entitled, “Connection Manager ThatSupports Failover Protection,” by Christian Fleischer and Oliver Luik;U.S. patent application Ser. No. 11/025,514, filed Dec. 28, 2004,entitled, “API For Worker Node Retrieval Of Session Request,” by GalinGalchev; U.S. patent application Ser. No. 11/024,552, filed Dec. 28,2004, entitled, “System And Method For Serializing Java Objects OverShared Closures,” by Georgi Stanev; and U.S. patent application Ser. No.11/025,316, filed Dec. 28, 2004, entitled, “System And Method ForManaging Memory Of Java Objects,” by Georgi Stanev. All of which areassigned to the assignee of the present application.

Storing session information in shared memory as its primary storage arearesults in an overlap between both the “in memory” and “persistence”storage concepts. That is, if session information is stored in sharedmemory 230 as its primary storage area, the computing system 900 shouldenjoy both the speed of “in memory” storage and internal failoverprotection offered by internal “persistent” storage. As described inmore detail below, in case failover protection is desired outside thecomputing system 900 (so that another computing system can “pick up” asession dropped by system 900), the session information can also bepersisted to an external persistent storage resource (e.g., database,RAID system, tape drive, etc.).

FIG. 10 shows an approach in which the “in-memory” session domainhierarchy scheme described with respect to FIG. 4 is essentiallyimplemented within a shared closure based shared memory 1030. Here, thefeatures of the shared memory context 1002, root 1003 and sessiondomains 1004 ₁ through 1004 _(Y) may be the same as those described withrespect to the context 402, root 403 and session domains 404 ₁ through404 _(Y) described with respect to FIG. 4. It is worth noting that thehierarchical session domain approach described with respect to FIG. 4may not only be implemented within the shared memory of a computingsystem that embraces shared closure/shared memory technology (asdescribed with respect to FIG. 9), but also may be implemented withinthe local memory of a virtual machine in a prior art computing systemthat does not embrace shared closure/shared memory technology (asdescribed with respect to FIG. 8).

FIG. 10 shows each of items 1007 ₁ through 1007 _(S) as containingsession state information. Because each of the session domains 1003 and1004 ₁ through 1004 _(Y) observed in FIG. 10 are accessible to multiplevirtual machines (making their contents shareable to the virtualmachines), FIG. 10 likewise refers to these session domains as “shared”session domains.

According to one approach, a persistent storage interface is not neededfor access to the contents of a shared session domain in shared memory1030 because the contents essentially reside “in-memory” (i.e., areaccessible with a proper memory address). Similar to theGet_Attribute(s) command available for file system and databasepersistent storages, individual attributes of a particular session areindividually accessible from shared closure shared memory as well (e.g.,transfer 1025 shows a single attribute of user data 1007 ₁ being readinto local memory). According to one embodiment, a hash-mapping functionis used to directly access a specific attribute from a specificsession's session state information. Here, the hash-mapping functionemploys a namespace in which the name of the session and the name of thedesired attribute are used to uniquely identify the particular attributein shared memory.

The ability to fetch attributes individually from shared memory 1030should result in efficiency gains like those described above withrespect to the Get_Attribute(s) command for file systems and databases.For example, if the session management layer (or an application) needsjust the expiration time, only the expiration time is read from sharedmemory 1030 into local memory 1015. Undesired large graphics files (forinstance) within the session state information are not transferred(i.e., remain in shared memory 1030) which corresponds to conservationof computing system resources.

Note that a virtual machine typically “runs” off of local memory. Arunning session management or application routine therefore runs off oflocal memory as well (through a virtual machine). When a certain objectexisting in shared memory as its own shared closure (i.e., the objectdoes not contain a reference to another object in shared memory nor isreferenced by another object in shared memory) is needed by a runningprocess, it is called into the local memory of the virtual machinerunning that process. Here, activity 1028 is meant to depict the use ofa session state attribute read into local memory 1015 from shared memory1030.

FIG. 11 a shows a depiction of session state information 1107 as storedin shared closure shared memory for a single session. For instance,session state information 1107 of FIG. 11 can be viewed as a deeper viewof the contents of session state information 1007 ₁ of FIG. 10.Consistent with the file system and database persistence strategies,FIG. 11 shows the session state information for a particular session asbeing broken down into J separately accessible attributes 1110 ₁ through1110 _(J). In an implementation, in order to make the attributesseparately accessible and to be consistent with shared closuresemantics, each attribute corresponds to its own shared closure (e.g.,one object per attribute where no attribute object contains a referenceto another attribute object). Note that a session domain 1027 may beestablished in local memory 1015 for session data associated with sharedsession domain 1004 ₁ (i.e., session domains may be setup in localmemory 1015 having a one-to-one correspondence with shared sessiondomains that reside in shared memory).

Discussed at length above was the notion that more efficient operationsmay be realized if session management criteria information is persistedseparately from session state information (see the end of sections 2.1and 2.2 above, respectively). FIG. 10 shows a shared closure 1009 withinsession domain 1004 ₁ that contains session management criteriainformation for the shared session domain 1004 ₁. Here, transfer 1026 ismeant to show that the session management criteria (through sharedclosure 1009) can be transferred separately from session stateinformation between shared memory 1030 and local memory 1015 so that,for instance, implementation of session management policies can be runfrom local memory 1015 without requiring session state information to betransferred between local and shared memory. Activity 1029 is meant todepict the use of session management criteria information read intolocal memory from shared memory 1030.

FIG. 11 b shows a detailed embodiment of a session management criteriashared closure 1109 (such as session management criteria shared closure1009 of FIG. 10). As observed in FIG. 11 b, the shared closure 1109includes both an expiration management table 1120 and the sessiondomain's session management criteria 1124 (e.g., maximum inactive timeinterval, maximum number of outstanding requests, access policy, etc.).Because of unique functional opportunities that exist as an artifact ofhaving a shared memory approach, as described in more detail furtherbelow, the expiration management table 1120 allows any modification toone of a session domain's sessions (e.g., attribute modification to anexisting session, addition of a new session, deletion of a completedsession) to be used as a trigger to identify and drop all expiredsessions within that session domain.

In one embodiment, the table 1120 is contained by a single object. Infurther embodiments, the table's object does not refer to nor isreferenced by any objects associated with the session managementcriteria 1124 (or other object outside the table) and hence does notform part of a shared closure with the session management criteria (orother object). As such, the object containing table 1120 can be read inand out of shared memory as its own shared closure. In anotherembodiment, the table 1120 is implemented as a collection of objects inthe form of a shared closure.

As seen in FIG. 11 b, the session management table may be configured toinclude the expiration time 1122 for each session in the sessionmanagement table's corresponding session domain (where each session isidentified by its sessionID 1121). Here, a table can be viewed as a datastructure having an ordered design in which an item of a certain type ofdata belongs in a certain region within the data structure. FIGS. 12,13, 14, and 15 a,b,c demonstrate different operational flows employing asession management table (such as table 1120 of FIG. 11 b) that may beused to perform session management tasks for the sessions associatedwith a session domain. Each of these flows are discussed in secessionimmediately below.

FIG. 12 shows an operational flow for the processing of a request for analready established, existing session. According to the flow diagram ofFIG. 12, when a process being run by a virtual machine processes arequest for a session, the session management table from that session'ssession domain is first copied 1201 into the local memory of the virtualmachine. Note that, referring back to the session management tableembodiment 1120 of FIG. 11 b, the table may also include a column 1123that identifies, for each session in the session domain, whether or notthe session is “available”. According to one implementation, certaintypes of sessions are “distributed” which means that more than onevirtual machine is able to process a request. If different requests froma same session are distributed to different virtual machines it ispossible at least in some circumstances that a first virtual machine maybe actively processing a first request while a second virtual machineattempts to process a second request from the same session.

The available column 1123 is used to specify whether or not a session isalready being “dealt with” elsewhere (e.g., by another virtual machine).Thus, according to FIG. 12, after the table is copied into local memory1201, the available column for the session that the virtual machinerunning off of the local memory (“the local virtual machine”) isattempting to process a request for is checked to see if the session isavailable 1202. If a session is currently being handled by anothervirtual machine (i.e., the session is unavailable), the local virtualmachine will find some kind of affirmative indication in theavailability column and will delay its attempt to process the request ata later time (in which case an updated session management table havingan, updated expiration time will be copied into local memory).

If the session is not currently being handled by another virtual machine(i.e., the session is available), the local virtual machine will findsome affirmative indication in the availability column, and then updateshared memory to include a session management table showing that thesession is now unavailable (i.e., the local virtual machine causes theavailable column for the session in shared memory to be marked as beingunavailable). The virtual machine will then process the session'srequest which may involve the modification 1203 of various attributesassociated with the session (such as the addition, deletion ormodification of large graphics files, updating the state of the client'sweb browser, etc.).

Here, as described with respect to FIG. 10, any specific alreadyexisting attributes that need to be used or modified may be directlycopied into local memory from shared memory 1025 without copying overany unwanted/unneeded attributes. Upon completion of the processing ofthe session's request one or more of the attributes that were copiedinto local memory may have been modified (or a new attribute may havebeen created). If so, the new attribute information is written into thesession's session state shared closure; and, the session managementtable that resides in local memory is modified to reflect the newexpiration time for the session (by adding the maximum inactive timeinterval to the present time) and that the session is now “available”,and then, is written into the shared memory 1204.

FIGS. 13 and 14 show processes for adding and deleting sessions,respectively. For both processes, again, the session management table inshared memory is copied into the local memory of the virtual machinethat intends to add or delete a session to/from the session domain. Notethat copying the session management table leaves a version in sharedmemory so that other sessions in the session domain can be concurrentlyprocessed. This property is also true with respect to the requestprocessing described above in FIG. 12 (i.e., an available session otherthan the session being referred to in FIG. 12 can be concurrentlyprocessed because the session management table in shared memory properlyis accurate with respect to that other session).

In the case of the addition of a new session, the local virtual machineadds a new session entry to the local copy of the session managementtable 1302. In the case of the deletion of a session (e.g., because thesession has been completed), the local virtual machine deletes anexisting session entry from the local copy of the session managementtable 1402. In the case of the addition of a new session, any attributesthat are to be written for the new session are written into the newsession's session state shared closure in shared memory; and, theupdated session management table in local memory is written into sharedmemory 1303. In the case of the deletion of an existing session, thesession state shared closure for the session is deleted from sharedmemory; and, the updated session management table in local memory iswritten into shared memory 1403.

FIG. 15 demonstrates a process that identifies and removes all sessionsin a session domain that have expired. Notably, the process of FIG. 15may be combined with any of the processes described just above withrespect to FIGS. 12, 13 and 14. According to the process of FIG. 15, thesession management table is copied into local memory 1501. Here, thecopy operation 1501 of FIG. 15 may be the same copy operation 1201,1301, 1401 of FIGS. 12, 13 and 14, respectively. Once the table has beencopied into local memory, the table is iterated through to see if any ofthe sessions within the session domain have expired (by comparing theirexpiration time against the present time) 1502.

Those sessions that are deemed expired are then deleted from the sessionmanagement table 1503. Then, the updated session management table iswritten into shared memory 1504. Here, the writing 1504 of the updatedsession management table into shared memory of FIG. 15 may be the samewrite operation 1204, 1303, 1403 of FIGS. 12, 13, and 14 respectively.Likewise, processes 1502, 1503 may be performed concurrently and/or inseries, alone or in combination with any of processes 1202, 1203, 1302and 1402 of FIGS. 12, 13 and 14 respectively.

FIGS. 16 through 18 relate to the deployment of applications that areeasily configured for a particular type of computing system, and, aparticular persistent storage strategy defined by those who aredeploying the applications. Importantly, low level details such aswhether the targeted computing system is a “shared memory/sharedclosure” system (such as described above with respect to FIG. 9), or, isa not a “shared memory/shared closure” system (such as described abovewith respect to FIG. 8) are transparent to the deployer. A “scope” ofpersistence is merely defined at deployment time, and, the deploymentprocess automatically configures the targeted computing system in lightof the targeted computing system's capabilities.

FIG. 16 shows a deployment descriptor 1600 for defining the persistencestrategy for one or more session domains. As is know in the art, adeployment descriptor is (often a text file or document) used to defineparticular variables that typically, are left as being “configurable”for the end-user who is deploying the software; and/or, depend on or arespecific to the underlying platform (hardware and/or software) that thesoftware is being deployed onto/into. Here, depending on implementation,a single deployment descriptor 1600 may define the persistence strategyfor an entire computing system, groups of applications, a singleapplication, groups of session domains or a single session domain.

The basic deployment descriptor embodiment 1600 of FIG. 16 includes adisable parameter 1601, frequency of persistence parameters 1602, 1603and scope of persistence parameters 1604, 1605. The DISABLE parameter1601 defines whether or not persistence is to be used. If the DISABLEparameter 1601 is affirmatively marked, in the case of computing systemsthat do not use failover protection through a shared memory feature(such as the prior art computing system 800 of FIG. 8), whatever sessiondomain(s) that the deployment descriptor 1600 defines the strategy forwill not instantiate a persistence storage interface (such as thosedescribed with respect to FIGS. 5, 6 and 7). In the case of computingsystems that implement failover protection through a shared memoryfeature, the code that actually performs the failover protection is notactivated, in some fashion, for the session domain(s) that thedeployment descriptor 1600 defines the persistence storage strategy for.

The frequency parameters 1602, 1603 define the frequency at whichsession state information is persisted. If the ON_REQUEST parameter 1602is affirmatively marked, session state information is persisted eachtime a request is processed (e.g., generally, the process of generatinga response for the request) for a session whose session domainpersistence strategy is defined by the deployment descriptor. If theON_ATTRIBUTE parameter 1603 is affirmatively marked, session stateinformation is persisted only if a session state attribute is changed asa consequence of processing a request. In an implementation, theexpiration time is always persisted upon the generation of a new requestirrespective of the ON_REQUEST or ON_ATTRIBUTE setting.

The scope parameters 1604, 1605 define what “level” or “depth” ofpersistence is to be implemented for the session domain(s) whosepersistence strategy is defined by the deployment descriptor 1600. Theterm “instance”, according to FIGS. 16, 17 and 18, refers to a singlecomputing system. If the INSTANCE_WIDE parameter 1604 is affirmativelymarked, the persistent storage for the session(s) that the deploymentdescriptor corresponds to is implemented within the computing systemthat software being deployed is deployed onto. Referring back to FIGS. 8and 9, recall that virtual machines occasionally crash, and that,multiple virtual machines are instantiated within a single computingsystem. Here, instance wide persistence can be used for a computingsystem's own “internal” session failover protection. For example, asession that is handled by a first virtual machine—which crashes duringthe session—may be saved by second virtual machine that takes over thehandling of the session, where, both virtual machines are instantiatedwithin the same computing system.

The term “cluster” refers to a group of computing systems. FIG. 17depicts a simple cluster of P computing systems 1702 ₁ through 1702 _(P)that are coupled together through a dispatcher 1701 at the cluster's“front-end” and a database 1703 at the cluster's “back-end”. Typically,particularly in high performance data processing centers, many if notall of the computing systems 1702 ₁ through 1702 _(P) contain one ormore of the same software applications.

Requests from clients are received by the dispatcher 1701, and thedispatcher 1701 determines, for each received request, which computingsystem is most fit to handle the request. In many cases, in the case ofalready existing sessions, the dispatcher will send the request to thecomputing system that processed the immediately previous request. In thecase of requests that correspond to the first request of a new session,the dispatcher 1701 will determine which computing system (amongst thosehaving the software capable of processing the client's request) shouldreceive the request (e.g., based on a load balancing algorithm).

Because the computing systems are each coupled to a database 1703, it ispossible to have inter-system session failover. That is, if a session isbeing handled by a first computing system (e.g., computing system 1702₁) that persists the session's session domain information into thedatabase 1703, and if that computing system suffers a complete failure,another computing system (e.g., computing system 1702 _(P)) will be ableto read the persisted session domain information from the database 1703and carry the session forward to completion. Thus, referring back toFIG. 16, if the CLUSTER_WIDE parameter 1605 is affirmatively marked, thepersistent storage for the session(s) that the deployment descriptorcorresponds to is to the computing system that the deployed software isbeing deployed on. The external persistent storage is presumablyaccessible to other computing systems (not necessarily all computingsystems) within the cluster.

Importantly, certain application software may be deployable on both: 1)a computing system that does not embrace a shared memory structure thatcan be used for instance wide session failover protection (such as thecomputing system 800 of FIG. 8); and, 2) a computing system that doesembrace a shared memory structure that does embrace a shared memorystructure that can be used for instance wide session failover protection(such as computing system 900 of FIG. 9). In the former case instancewide failover protection should be implemented on an internal filesystem, and, in the later case, instance wide failover protection shouldbe implemented with shared memory.

Moreover, preferably, the end user who is attempting to deploy thesoftware should not have to comprehend whether file system persistenceor shared memory persistence is appropriate. From the end-user'sperspective, all that should need to be defined is whether thepersistence is instance-wide or cluster-wide. The deployment descriptorembodiment of FIG. 16 is consistent with this perspective.

FIG. 18 shows a deployment process that can properly implement instancewide persistence on non-shared memory and shared memory systems alikeeven though the deployment descriptor does not articulate the propertype of persistent storage technology (file system or shared memory).According to the deployment process of FIG. 18, as a basic example, itis assumed that the session domain for which a deployment descriptor isprepared and deployed pertains only to a single application (i.e., thedeployment descriptor defines the persistence strategy for a singleapplication. Of course, consistent with statements made earlier above,the session domain range of a deployment descriptor can be made to varyfrom embodiment to embodiment.

Referring to FIG. 18, a deployment descriptor that defines anapplication's persistent storage strategy is first created and deployedto a computing system 1801. The deployment descriptor is read by thecomputing system that the descriptor was deployed to, and, a sessiondomain is created for the descriptor's corresponding application 1802.Importantly, the deployed to computing system “knows” whether itsinstance wide persistence is a file system or shared memory. That is, acomputing system that does not include shared memory technology willinterpret a setting of “instance wide” in the deployment descriptor as adirective to implement file system persistent storage 1804, 1806. Assuch a file system persistent storage interface will be instantiated forthe application's session domain 1806.

By contrast, a computing system that does include shared memorytechnology will interpret a setting of “instance wide” in the deploymentdescriptor as a directive to use shared memory as the persistent storage1805, 1808. As such, a persistent storage interface will not beinstantiated for the application's session domain 1808. Irrespective ofthe type of computing system being deployed to, a setting of “clusterwide” in the deployment descriptor will be interpreted by both systemsas a directive to employ an external database (or external file system,external RAID system or external tape drive if that happens to be theexternal persistence solution) 1804, 1807 and 1805, 1809. In either ofthese cases a database persistent storage interface will be instantiatedfor the application's session domain.

Moreover, conceivably, more than one persistent storage solution may bespecified for a particular session domain. For example, in the case of afile system without shared memory technology, if both “instance wide”and “cluster wide” persistence is affirmatively marked in the deploymentdescriptor, an internal file system persistent storage interface and anexternal database persistent storage interface will be instantiated forthe application's session domain. In more elaborate embodiments thedeployment descriptor may be made to contain more specific information.For example, in the case where multiple internal or external persistentstorage solutions are available, the deployment descriptor mayparticularly specify which persistent storage solution is to be used forthe descriptor's corresponding session domain(s).

Processes taught by the discussion above may be performed with programcode such as machine-executable instructions which cause a machine (suchas a “virtual machine”, a general-purpose processor disposed on asemiconductor chip or special-purpose processor disposed on asemiconductor chip) to perform certain functions. Alternatively, thesefunctions may be performed by specific hardware components that containhardwired logic for performing the functions, or by any combination ofprogrammed computer components and custom hardware components.

An article of manufacture may be used to store program code. An articleof manufacture that stores program code may be embodied as, but is notlimited to, one or more memories (e.g., one or more flash memories,random access memories (static, dynamic or other)), optical disks,CD-ROMs, DVD ROMs, EPROMs, EEPROMs, magnetic or optical cards or othertype of machine-readable media suitable for storing electronicinstructions. An article of manufacture that stores program code, asdefined above, may be referred to variously as a “computer readablestorage medium” or a “machine readable storage medium.” Program code mayalso be downloaded from a remote computer (e.g., a server) to arequesting computer (e.g., a client) by way of data signals embodied ina propagation medium (e.g., via a communication link (e.g., a networkconnection)).

FIG. 19 shows an embodiment of a computing system (e.g., “a computer”).The exemplary computing system of FIG. 19 includes: 1) one or moreprocessors 1901 having an “on-chip” DC-DC converter 1910; 2) a memorycontrol hub (MCH) 1902; 3) a system memory 1903 (of which differenttypes exist such as DDR RAM, EDO RAM, etc,); 4) a cache 1904; 5) an I/Ocontrol hub (ICH) 1905; 19) a graphics processor 1906; 19) adisplay/screen 1907 (of which different types exist such as Cathode RayTube (CRT), Thin Film Transistor (TFT), Liquid Crystal Display (LCD),DPL, etc.; 8) one or more I/O devices 1908.

The one or more processors 1901 execute instructions in order to performwhatever software routines the computing system implements. Theinstructions frequently involve some sort of operation performed upondata. Both data and instructions are stored in system memory 1903 andcache 1904. Cache 1904 is typically designed to have shorter latencytimes than system memory 1903. For example, cache 1904 might beintegrated onto the same silicon chip(s) as the processor(s) and/orconstructed with faster SRAM cells whilst system memory 1903 might beconstructed with slower DRAM cells. By tending to store more frequentlyused instructions and data in the cache 1904 as opposed to the systemmemory 1903, the overall performance efficiency of the computing systemimproves.

System memory 1903 is deliberately made available to other componentswithin the computing system. For example, the data received from variousinterfaces to the computing system (e.g., keyboard and mouse, printerport, LAN port, modem port, etc.) or retrieved from an internal storageelement of the computing system (e.g., hard disk drive) are oftentemporarily queued into system memory 1903 prior to their being operatedupon by the one or more processor(s) 1901 in the implementation of asoftware program. Similarly, data that a software program determinesshould be sent from the computing system to an outside entity throughone of the computing system interfaces, or stored into an internalstorage element, is often temporarily queued in system memory 1903 priorto its being transmitted or stored.

The ICH 1905 is responsible for ensuring that such data is properlypassed between the system memory 1903 and its appropriate correspondingcomputing system interface (and internal storage device if the computingsystem is so designed). The MCH 1902 is responsible for managing thevarious contending requests for system memory 1903 access amongst theprocessor(s) 1901, interfaces and internal storage elements that mayproximately arise in time with respect to one another.

One or more I/O devices 1908 are also implemented in a typical computingsystem. I/O devices generally are responsible for transferring data toand/or from the computing system (e.g., a networking adapter); or, forlarge scale non-volatile storage within the computing system (e.g., harddisk drive). ICH 1905 has bi-directional point-to-point links betweenitself and the observed I/O devices 1908.

It is believed that processes taught by the discussion above can bepracticed within various software environments such as, for example,object-oriented and non-object-oriented programming environments, Javabased environments (such as a Java 2 Enterprise Edition (J2EE)environment or environments defined by other releases of the Javastandard), or other environments (e.g., a NET environment, a Windows/NTenvironment each provided by Microsoft Corporation).

In the foregoing specification, the invention has been described withreference to specific exemplary embodiments thereof. It will, however,be evident that various modifications and changes may be made theretowithout departing from the broader spirit and scope of the invention asset forth in the appended claims. The specification and drawings are,accordingly, to be regarded in an illustrative rather than a restrictivesense.

1. A method performed by a computing system, comprising: reading programcode from memory and processing said program code with one or moreprocessors to perform the following: a) receiving a deploymentdescriptor that defines a session domain and specifies a persistencescope that is external to said computing system and determining saidpersistence scope from said deployment descriptor; b) as a consequenceof determining said persistence scope, instantiating a plug-in for adatabase that is external to said computing system, the plug-inproviding a translation layer between a generic session persistenceinterface and the database; and, c) over the course of a session,managing the persistence of said session's session state information byusing said plug-in to translate a first command that is not specific tosaid database into a second command that is specific to said database,said first command to implement one of the following processes: storing,into said database, attributes of said session stored within a sharedmemory as a shared closure of multiple objects, said shared memoryshared by multiple virtual machines of said computing system;retrieving, from said database, attributes of said session and storingsaid attributes within said shared memory as a shared closure ofmultiple objects; wherein the session domain includes the session andmanages session management criteria for the session within the sharedmemory.
 2. The method of claim 1 wherein said attributes are stored insaid database in a row of a table, said table containing session stateinformation for other sessions that are managed according to a same setof session management criteria as said session.
 3. The method of claim 1wherein said managing the persistence of said session's session stateinformation further comprises using said plug-in translate a thirdcommand that is not specific to said database into a fourth command thatis specific to said database, said third command to implement one of thefollowing processes: retrieving from said database a same attribute formultiple sessions including said session, none of said multiple sessionsbeing expired; retrieving from said database a same attribute formultiple sessions including said session, each of said sessions havingexpired; and, retrieving from said database all attributes of multiplesessions including said session, each of said multiple sessions havingexpired.
 4. The method of claim 1 wherein said managing the persistenceof said session's session state information further comprises using saidplug-in to translate a third command that is not specific to saiddatabase into a fourth command that is specific to said database, saidthird command to implement one of the following process: retrieving fromsaid database all of said session's attributes and storing all of saidattributes within said shared closure within said shared memory;deleting from said database all of said session's attributes.
 5. Themethod of claim 1 wherein said managing the persistence of saidsession's session state information further comprises using said plug-into translate a third command that is not specific to said database intoa fourth command that is specific to said database, said third commandto implement one of the following processes: retrieving from saiddatabase a session identification for said session; retrieving from saiddatabase information used to determine if said session has expired;updating information within said database used to determine if saidsession has expired.
 6. An article of manufacture comprising programcode stored on a machine readable storage medium which, when processedby one or more processors of a computing system causes the one or moreprocessors to perform a method, the method comprising: a) receiving adeployment descriptor that defines a session domain and specifies apersistence scope that is external to said computing system anddetermining said persistence scope from said deployment descriptor; b)as a consequence of determining said persistence scope, instantiating aplug-in for a database that is external to said computing system, theplug-in providing a translation layer between a generic sessionpersistence interface and the database; and, c) over the course of asession, managing a persistence of session state information for thesession by using said plug-in to translate a first command that is notspecific to said database into a second command that is specific to saiddatabase, said first command to implement one of the followingprocesses: storing, into said database, attributes of said sessionstored within a shared memory as a shared closure of multiple objects,said shared memory shared by multiple virtual machines of said computingsystem; retrieving, from said database, attributes of said session andstoring said attributes within said shared memory as a shared closure ofmultiple objects; wherein the session domain includes the session andmanages session management criteria for the session within the sharedmemory.
 7. The article of manufacture of claim 6 wherein said attributesare stored in said database in a row of a table, said table containingsession state information for other sessions that are managed accordingto a same set of session management criteria as said session.
 8. Thearticle of manufacture of claim 6 wherein said managing the persistenceof said session's session state information further comprises using saidplug-in translate a third command that is not specific to said databaseinto a fourth command that is specific to said database, said thirdcommand to implement one of the following processes: retrieving fromsaid database a same attribute for multiple sessions including saidsession, none of said multiple sessions being expired; retrieving fromsaid database a same attribute for multiple sessions including saidsession, each of said sessions having expired; and, retrieving from saiddatabase all attributes of multiple sessions including said session,each of said multiple sessions having expired.
 9. The article ofmanufacture of claim 6 wherein said managing the persistence of saidsession's session state information further comprises using said plug-into translate a third command that is not specific to said database intoa fourth command that is specific to said database, said third commandto implement one of the following process: retrieving from said databaseall of said session's attributes and storing all of said attributeswithin said shared closure within said shared memory; deleting from saiddatabase all of said session's attributes.
 10. The article ofmanufacture of claim 6 wherein said managing the persistence of saidsession's session state information further comprises using said plug-into translate a third command that is not specific to said database intoa fourth command that is specific to said database, said third commandto implement one of the following processes: retrieving from saiddatabase a session identification for said session; retrieving from saiddatabase information used to determine if said session has expired;updating information within said database used to determine if saidsession has expired.
 11. A computing system comprising a computerreadable storage medium including program code, said program codecapable of being processed by one or more processors to perform thefollowing operations: a) receiving a deployment descriptor that definesa session domain and specifies a persistence scope that is external tosaid computing system and determining said persistence scope from saiddeployment descriptor; b) as a consequence of determining saidpersistence scope, instantiating a plug-in for a database that isexternal to said computing system, the plug-in providing a translationlayer between a generic session persistence interface and the database;and, c) over the course of a session, managing a persistence of sessionstate information for the session by using said plug-in to translate afirst command that is not specific to said database into a secondcommand that is specific to said database, said first command toimplement one of the following processes: storing, into said database,attributes of said session stored within a shared memory as a sharedclosure of multiple objects, said shared memory shared by multiplevirtual machines of said computing system; retrieving, from saiddatabase, attributes of said session and storing said attributes withinsaid shared memory as a shared closure of multiple objects; wherein thesession domain includes the session and manages session managementcriteria for the session within the shared memory.
 12. The computingsystem of claim 11 wherein said attributes are stored in said databasein a row of a table, said table containing session state information forother sessions that are managed according to a same set of sessionmanagement criteria as said session.
 13. The computing system of claim11 wherein said managing the persistence of said session's session stateinformation further comprises using said plug-in translate a thirdcommand that is not specific to said database into a fourth command thatis specific to said database, said third command to implement one of thefollowing processes: retrieving from said database a same attribute formultiple sessions including said session, none of said multiple sessionsbeing expired; retrieving from said database a same attribute formultiple sessions including said session, each of said sessions havingexpired; and, retrieving from said database all attributes of multiplesessions including said session, each of said multiple sessions havingexpired.
 14. The computing system of claim 11 wherein said managing thepersistence of said session's session state information furthercomprises using said plug-in to translate a third command that is notspecific to said database into a fourth command that is specific to saiddatabase, said third command to implement one of the following process:retrieving from said database all of said session's attributes andstoring all of said attributes within said shared closure within saidshared memory; selecting from said database all of said session'sattributes.
 15. The computing system of claim 11 wherein said managingthe persistence of said session's session state information furthercomprises using said plug-in to translate a third command that is notspecific to said database into a fourth command that is specific to saiddatabase, said third command to implement one of the followingprocesses: retrieving from said database a session identification forsaid session; retrieving from said database information used todetermine if said session has expired; updating information within saiddatabase used to determine if said session has expired.
 16. A computingsystem comprising a computer readable storage medium including programcode, said program code capable of being processed by one or moreprocessors to perform the following operations: a) receiving adeployment descriptor that specifies a persistence scope that isexternal to said computing system and determining said persistence scopefrom said deployment descriptor; b) as a consequence of determining saidpersistence scope, instantiating a plug-in for a database that isexternal to said computing system; and, c) over the course of a session,managing a persistence of session state information for the session byusing said plug-in to: translate a first command that is not specific tosaid database into a second command that is specific to said database,said first command to implement one of the following processes, storing,into said database, attributes of said session stored within a sharedmemory as a shared closure of multiple objects, said shared memoryshared by multiple virtual machines of said computing system;retrieving, from said database, attributes of said session and storingsaid attributes within said shared memory as a shared closure ofmultiple objects; and translate a third command that is not specific tosaid database into a fourth command that is specific to said database,said third command to implement one of the following processes,retrieving from said database a same attribute for multiple sessionsincluding said session, none of said multiple sessions being expired;retrieving from said database a same attribute for multiple sessionsincluding said session, each of said sessions having expired; and,retrieving from said database all attributes of multiple sessionsincluding said session, each of said multiple sessions having expired;wherein said attributes are stored in said database in a row of a table,said table containing session state information for other sessions thatare managed according to a same set of session management criteria assaid session.